[Leaplist] will this work with IPCop
Randall Perry
randallp at hcrn.info
Thu Jan 10 02:45:16 GMT 2008
On 1/9/08, Mr. Brunkow <ssma at sunstatemartialarts.com> wrote:
>
> ok but as john pointed out do you have to open all of those ports in the
> firewall (IPCop) for it to work?
>
You would need to have at least 1 discreet port for every service that
requires socket connection for operation. It would be nice to open up
more ports so that the random port numbers have greater diversity
(like having more radio channels for FHSS ).
The port numbers should be low, though.
Services typically return service on higher port numbers.
So you could open a range from 90 to 6000 and then skip 443 and 445
(because those will be typically scanned).
I wonder what snort would think of that.
It would be hard to create a ruleset for snort that it could follow
without it knowing the cryptographic sequence.
--
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.
Randall Perry
Hope Crisis Response Network
www.hcrn.info
More information about the Leaplist
mailing list